Search results for: Security

Now available, code scanning is a developer-first, GitHub-native approach to easily find security vulnerabilities before they reach production.

Code scanning support for 3rd party CI/CD

We recently shipped support for the origin-bound draft standard for security codes delivered via SMS. This standard ensures security codes are entered in a phishing-resistant manner. It accomplishes this by binding an SMS with…

Remote Education explores the challenges of organizing student communities and events online. We’ll be speaking with event organizers and community leaders in the industry and academics each week to help…

In this interview, we dig deeper with Maya Kaczorowski on what DevSecOps is, and how to apply it. It’s a mindset shift in how development teams think about security. DevSecOps is about making all parties who are part of the application development lifecycle accountable for security of the application.

GitHub Enterprise Server 2.22 is now here with GitHub Actions, Packages and Advanced Security Code Scanning available for the very first time.

A free two-day single track conference live on September 24 – 25, 2020 in celebration of our culture and LatinX heritage month. You will join a live stream of interactive talks by industry experts in both Spanish, Portuguese and English, with live captioning and translation. Topics will include software development, security, technical project management, civic tech, open source, professional development and best practices.

Lee este artículo en español Estamos muy entusiasmados en anunciar nuestro siguiente evento virtual en América Latina: GitHub ¡Presente! en Español El primer evento será el Martes 22 de Septiembre…

In May, we announced the beta release of GitHub Codespaces, a cloud development environment that lets you code from anywhere. Thousands of users are using Codespaces to improve collaboration, onboard faster,…

Our Secret Scanning program adds new partners

Code scanning API

It’s back! We’re here to bring you the latest and greatest releases for September 2020. These are exciting new releases from some of the coolest projects around. There’s everything from…

The developer community in Africa continues to thrive. Here at GitHub, we’re excited to announce our first Virtual Meetup for African developers. This meetup is happening on Tuesday, September 15th,…

At GitHub, we spend a lot of time thinking about and building secure products—and one key facet of that is threat modeling. This practice involves bringing security and engineering teams…

Register, vote, and volunteer to make an impact during the U.S. 2020 elections.

Integrating static analysis security testing into the developer workflow is hard. We discuss the challenges and how to overcome them

Aimed at developers, in this series we introduce and explore the memory unsafe attack surface of interpreted languages.

Keeping open source software secure is a community responsibility. But with millions of projects, it’s hard to pinpoint the right signal from noise—and find and fix the vulnerabilities that really…

When developers share the responsibility of security, perform security testing earlier in your development lifecycle, and use Git as a source of truth, you can help your development teams find and remediate security issues faster.

Nós do GitHub estamos animados em anunciar nosso meetup virtual na América Latina, o GitHub ¡Presente!

GitHub provides the security capabilities to achieve Level 1 of the OWASP DevSecOps Maturity Model. In this post, we explore the principles of DSOMM Level 1 and how you can implement secret scanning, SCA, SAST and DAST using native tooling on GitHub.